GRC Viewpoint

RDP, A New Worry for Risk Management?

The cyber security industry encountered unique challenges in 2021. What caused a different scenario is a covid-19 fuelled work from home culture. The task of securing home networks at such a massive scale was an arduous task for cyber experts.

The scenario is similar for the current year as similar situations prevail. Covid-19 is still predominant, and it will be a while before enterprises are fully functional.

Besides the existing problems, cyber experts have new concerns to tackle. For instance, this year, RDP, or the Remote Desktop Protocol might be a priority.

RDP has always been a favorite target for adversaries aiming to attack on-premises systems besides those available in the cloud.

When cyber attackers target enterprises and try to gain access to a network, misconfiguration on applications and devices is usually sought after.

RDP is accessible for hackers to misconfigure and leave totally exposed to the internet. Due to the exposure, a more lenient firewall or access management rules are being implemented to RDP hosts.

RDP is a protocol utilized to establish remote associations with servers and is leveraged in the Remote Desktop Services in Microsoft. Also, wherever possible, RDP must be disabled so that breaches through it don’t happen. Also, if it is inevitable, RDP needs to be deployed in such a manner that it is shielded from exploits and credential harvesting through controlled access through the VPN service.

Another option to use RDP safely is to use it together with Remote Desktop Gateway from Microsoft. It is also necessary to enable multifactor authentication to assess user identities.

The following are some of the recommendations for enterprises opting to continue the use of RDP:

  • Don’t permit domain admins an RDP login
  • Permit RDP only if needed
  • Secure all the RDP accounts that are ‘idle.’
  • Cap password retries for users
  • Carry out password strengthening options

Related Articles

Latest Articles